PACIFIC COAST BUSINESS TIMES: Computer science professors and students hack California's voting machines

October 16, 2012
Stephen Nellis
news photo

Originally published August 20, 2007

When news broke that California's electronic voting machines were vulnerable to cyber-attack, it was a team of computer scientists from the University of California, Santa Barbara, who hacked one of the systems, eventually leading California Secretary of State Debra Bowen to bar use of the machine in state elections.

"We tried to violate their security any way we could," Giovanni Vigna said of the machines, manufactured by Sequoia and until recently in use in Ventura County. "We successfully compromised the system."

Vigna, a computer science professor at UCSB, along with fellow professor Richard Kemmerer, led the team of eight hackers in a state-funded study of electronic voting machines. The group showed that, with the right knowledge, determined attackers could undetectably tamper with the outcome of an election.

The UCSB team tested one of the three major brands of electronic voting machines, which are used in 48 of California's 52 counties. Of the other two brands, one also was banned and the other was allowed to remain in use with tight security precautions.

After about five weeks of working with the machines, the UCSB researchers found the Sequoia systems vulnerable both physically and electronically.

Their report to the secretary of state covered just about every imaginable way to skew an election, from sneaking in a stack of phony voting cards to infecting the electronic voting systems with malware. The team could only share broad outlines of their attacks – many of the details are still being kept secret by the state government.

Kemmerer said writing the malware to infect the system would take a highly skilled computer scientist, but starting the hacks would take very little training. He said the team tampered with the voting system without access to its source code.

The machines operate from a central vote-counting server. That server programs cartridges that are then inserted into the voting machines themselves, which are called "edges." Election officials place seals on the edges to prevent tampering.

While access to the central server is supposed to be kept tight, "In practice, it's often the case that isn't observed," said William Robertson, a doctoral student on the UCSB team.

If a hacker could get to the server, it would take only take a few seconds to upload code that would spread through the system, altering election results.

"Even with the paper trail that is mandatory in California, you would not be able to tell that someone had modified the election," Vigna said. "These machines were very vulnerable. This is a great victory for the public."

Meanwhile, the sealed "edges," supposedly tamper-proof, often go home with election officials. But the USCB team found it could modify the machines unnoticed. It took them 18 seconds to swap out an initialization cartridge with a counterfeit containing their own code – all without breaking the cartridge's seal.

In response to the UCSB team's work, Sequoia said its systems were safe when used with proper security precautions at polling places, calling the "unfettered access" the researchers had to the machines unrealistic. In a rebuttal, the UCSB team noted that in the past the machines had been openly sold in the Internet or outright stolen.

"If you have access to these machines, and you have the resources to hire someone to reverse engineer them, that's all you need," Robertson said.

The team cracked the electronic voting system after Sequoia employees set it up with the company's own recommended security precautions, the same that are widely used across the state. "We were able to attack it and evade the most common security procedures that are out there for the counties," Robertson said.

"It's sort of like having a flawed system that has to be 'over-procedured' to make it work," Vigna said.